this post was submitted on 21 Aug 2023
17 points (84.0% liked)

Selfhosted

40006 readers
607 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I'm on at least 2 blocklists at this point for the crime of not having reverse DNS set up. I don't know how rDNS works. No amount of reading Wikipedia is helping me understand what I have to do.

  • I have a domain at a registrar which gives me bog standard DNS.
  • I have Apache running on my network.
  • I have PiHole running on my network.

My understanding is that rDNS is not set up at my registrar, but somewhere in my network. What do I do?

Thank you for your time.

you are viewing a single comment's thread
view the rest of the comments
[–] drkt@feddit.dk 1 points 1 year ago (2 children)

Copied this from another comment I made

A number of people can’t route to me at all. My domain is drkt.eu and sits on port 80 and 443 @ 89.150.135.135 and 2a05:f6c7:8039::1337

IPv6 is not big in my country, and I don’t think anyone afflicted has IPv6 so I can’t tell you if this affects both v4 and v6.

It’s not a DNS issue, as the afflicted users can get the correct IPs from nslookup.

Mullvad VPN users are consistently unable to route to me.

One friend can’t route to me from his workplace network. It’s a small network and their admin claims they don’t block anything so it’s a mystery to him as well.

Another friend across town can’t reach my network despite being so close to me hop-wise, but his network is run by wacks and is consequently also quite wack. I can’t confidently say this is the same issue.

I’m not dropping any connections for any reason. My ISP claims they aren’t doing any blocking of domains or IPs.

Traceroutes time out at consistent hops but it’s different per afflicted network. The only recurring name has been costumer.tdc.net

It might not be related, but I can’t route to catbox.moe and their admin says my IPs are not blacklisted in any of their systems.

[–] Shadow@lemmy.ca 1 points 1 year ago (1 children)

Do you have a different firewall/router you can try? Even just plug your PC directly into the modem for now to bypass your router and rule that out.

[–] drkt@feddit.dk 1 points 1 year ago* (last edited 1 year ago) (2 children)

~~Routing to me has been solved, my router was incorrectly dropping pings on WAN because I messed up the firewall configs.~~ The trouble users still can't reach my website.

[–] deprecateddino@lemmy.world 2 points 1 year ago

Any chance your firewall is dropping the packets for some reason?

[–] Shadow@lemmy.ca 1 points 1 year ago (1 children)

Your ISP may block 80 / 443. Try moving your webserver to an alternate high port and ask the users to test with that.

[–] drkt@feddit.dk 1 points 1 year ago (1 children)

But it's only very few people. If my ISP blocks these ports, why 99% of people have no issues?

[–] Shadow@lemmy.ca 1 points 1 year ago (1 children)

At this point I'd install wireshark and see if I'm getting their TCP connections at all.

Given your other routing issues though, I would guess you have another config issue on your firewall.

[–] drkt@feddit.dk 1 points 1 year ago* (last edited 1 year ago)
  5.186.33.87 > 89.150.135.135: ICMP echo request, id 1, seq 43476, length 40
12:38:19.843890 d0:50:99:81:48:17 > 4c:6d:58:4a:97:d4, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 21715, offset 0, flags [none], proto ICMP (1), length 60, bad cksum 0 (->1dc0)!)
    89.150.135.135 > 5.186.33.87: ICMP echo reply, id 1, seq 43476, length 40
12:38:20.219177 d0:50:99:81:48:17 > 4c:6d:58:4a:97:d4, ethertype IPv4 (0x0800), length 43: (tos 0x0, ttl 64, id 32958, offset 0, flags [none], proto ICMP (1), length 29, bad cksum 0 (->3f6d)!)

Packet capture from the router for 4 pings from him to me. ~~2 of 8 packets expected were captured and~~ have bad checksums. Disregard, all 8 expected packets do show up

[–] MangoPenguin@lemmy.blahaj.zone 1 points 1 year ago (1 children)

That is quite odd, I assume TDC is your ISP?

[–] drkt@feddit.dk 1 points 1 year ago

No, it's Hiper using Fibia's (Waoo) infrastructure.